package com.iretailer.config;


import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Bean;

import java.util.LinkedHashMap;

/**
 * @author xjwtt
 * @date 2018/9/26
 */
@Configuration
public class ShiroConfig {


    /**
     * SecurityManager 为shiro安全管理器，管理着所有的Subject
     *
     * @return
     */
    @Bean
    public SecurityManager securityManager() {
        //配置 SecurityManager 并注入 shrioRealm
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(shiroRealm());
        securityManager.setRememberMeManager(rememberMeManager());
        return securityManager;
    }

    /**
     * ShiroFilterFactoryBean 为Shiro过滤器工厂类
     * 配置一些过滤路径
     *
     * @param securityManager
     * @return
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //设置
        shiroFilterFactoryBean.setSecurityManager(securityManager);

        //配置shiro默认登录界面地址，前后端分离中登录界面跳转由端控制，后台仅返回json数据
        shiroFilterFactoryBean.setLoginUrl("/unauth.action");
        // 登录成功后跳转的url
//        shiroFilterFactoryBean.setSuccessUrl("/index");
        // 未授权url
//        shiroFilterFactoryBean.setUnauthorizedUrl("/403");

        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        //注意过滤器配置顺序 不能颠倒
        // 配置退出过滤器，其中具体的退出代码Shiro已经替我们实现了
//        前后端分离自己实现
//        filterChainDefinitionMap.put("/logout", "logout");
        filterChainDefinitionMap.put("/login.action", "anon");
        filterChainDefinitionMap.put("/", "anon");
        //解析不需要认证
        filterChainDefinitionMap.put("/resolve", "anon");
        // 需要认证的url
        filterChainDefinitionMap.put("/**.action", "user");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return shiroFilterFactoryBean;
    }


    /**
     * 自己实现的 ShiroRealm
     *
     * @return
     */
    @Bean
    public ShiroRealm shiroRealm() {
        return  new ShiroRealm();
    }


    /**
     *
     * @Author xjw
     * @Date 2018/10/10 13:54
     * @Description : 设置Cookie对象
     *
     **/
    public SimpleCookie rememberMeCookie() {
        //设置 cookie 名称 ，对应登录接口
        SimpleCookie cookie = new SimpleCookie("rememberMe");
        // 设置 cookie 的过期时间，单位为秒，这里为一天
        cookie.setMaxAge(3600);
        return cookie;
    }

    /**
     *
     * @Author xjw
     * @Date 2018/10/10 13:55
     * @Description : 设置Cookie的管理对象
     *
     **/
    public CookieRememberMeManager rememberMeManager() {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
        cookieRememberMeManager.setCipherKey(Base64.decode("5AvVhmFLUs0KTA3Kprsdag=="));
        return cookieRememberMeManager;
    }
}
